Personal Data Protection Policy
Last Revised and Effective Date: September 28, 2020
Symbl.ai is a Conversational Artificial Intelligent SAAS tool developed to help Company’s deploy amazing customer experiences. Your privacy and the privacy of your customers are critically important to us. At Rammer Technologies Inc., DBA Symbl.ai along with our subsidiaries and affiliates (collectively “Symbl.ai”, “we”, “us”, or “our”), have a few fundamental principles:
- Our goal is to adhere to data protection principles of notice, choice and consent, data integrity, access and enforcement.
- We don’t and won’t ask you for personally identifying information unless we truly need it and you approve sharing it with us. We ask that you do the same with any products or services you offer to your own customers.
- We don’t share your personally identifying information, or data you collect through our API, with anyone, except as needed, to provide product support, to comply with the law, or to protect our rights.
- You are in control of the information you share through the API and the customer data you collect is your responsibility. As part of the Terms of Service, available at symbl.ai/termsofservice, we require that you respect other users of our services and your own customer’s rights to privacy in the same manner you’d require your data to be respected.
This Service does not require you to enter any information to view the website or the product options and services, however, in order to access or otherwise utilize the Services you will be asked to create an account. If you create an account, certain limited information which generally includes personal information will be required to deliver the services to you. This information shall be governed by this policy.
If you have questions about deleting or correcting your personal data, please contact our Support team at firstname.lastname@example.org.;
What type of information do you process?
Symbl.ai processes the following types of data in accordance with this policy:
- Name, company name, and email address for customers (or prospective customers) of our services this includes inputs provided in our online contact us form.
- Conversational data associated with the end users who interact with our application whether through the API or through native UI Components we provide to customers. Conversational data may include personal information including name, email, company name, and generally details of customers conversations.
Collection and Use of Information
- Registration Information.
In order to utilize the Services you will need to set up an account with us, we require certain identifying information that will be linked to your account, including your name and email address. While we do provide paid products and services however, we do not store or collect payment information and instead use Stripe for payment processing. We encourage you to exercise caution before voluntarily disclosing other types of personally identifying information about yourself, and prohibit you from disclosing any personally identifying information about another person, whether another account holder or not. Personally identifying information generally includes, but is not limited to, a person’s name, address, professional titles, company affiliation and any other information that is able to identify an individual.
- Email Addresses.
We do not and will not send spam, sell or rent your email address information to third parties. We do not disclose, sell, share, trade or give away a user’s personal information to third parties, except as needed for completing payment and billing transactions through the services of payment processing vendors, if applicable. We do not email your customers directly, for any reason except if requested by the customer for troubleshooting reasons. Please note that given the nature of our services, emails may be generated on your behalf through our service and may bear the Symbl.ai branding. You are still responsible for the content of those emails complying with our policies and each of our respective privacy policies.
- Logging Statistics
Like most website operators, our servers automatically collect certain types of non-personally-identifying, technical information, such as the browser type, language preference, referring site, and the date and time of each visitor request.
- What website you came from to get here
- How long you stay for
- What kind of device you’re using
We use this information to better understand how our visitors use our website, and to maintain Services.
- Location Information & IP Addresses
Symbl.ai does not collect or store location data through your use of the Services. Internet Protocol addresses indicate the location of a User’s computer or mobile device on a network connected to the Internet. Providing Services to you may result in the logging of IP addresses for systems administration, troubleshooting purposes and to prevent prohibited account sharing. While this may be used to infer an approximation of your location when using certain features of the Services, we do not log IP addresses to track your session. If you are an account holder, we may link IP addresses to personally identifiable information in order to monitor account sharing and prevent prohibited activity.
- Data Logging and Aggregation
In addition to the other uses described in this Policy, you agree that we may extract and use information from the information you disclose for the purposes of logging and aggregating data in a non-identifiable method. This aggregated data may be used internally to improve services, develop new models or without limitation, to develop, analyze, combine, or publish the aggregated data for commercial purposes.
- API Users. If you are using our API and do not wish to have any data logged please follow these steps: or contact us at email@example.com. If you do not make any changes, then the API will continue to log and aggregate data for this limited purpose. You can notify us at any time of your preference.
- Symbl.ai UI Component Customers. For users that use our custom UI the data logging and aggregation is automatic and required to deliver the Services. firstname.lastname@example.org
Your use of certain of the Services may result in the assignment and storage of session cookies by Symbl.ai and Google Analytics to recognize your access privileges and generally track user preferences. A cookie is a text file that is placed on the hard disk of your computer or mobile device by a server. Session cookies expire when you end your session and close your browser interface. Cookies cannot be used to run programs or deliver viruses to your computer or mobile device. Cookies are uniquely assigned to you and can only be read by a server in the domain that issued the cookie to you. Visitors who do not wish to have cookies placed on their computers or mobile devices should deny Cookies by configuring their respective browsers to do so. If Cookies are denied, certain features of our Services may not function properly.
How we Share your Information
Symbl.ai takes all measures reasonably necessary to protect against the unauthorized access, use, alteration or destruction of potentially personally identifying information.
Symbl.ai discloses potential personally identifying information only on an as needed (or required) basis as follows:
- To our employees that: (i) need to know that information in order to process it on our behalf or to provide the Services; and (ii) that have expressly agreed not to disclose it to others. Some of those employees, and contractors may be located outside of your home country; by using the Services you consent to the transfer of such information to them.
- As required by law to comply with a subpoena or similar legal process. To the extent we are legally permitted to do so, we will take commercially reasonable steps to notify you in the event that we are required to provide your personal information to third parties as part of a legal process.
- When we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a written government request
- If Symbl.ai becomes involved in a merger, acquisition, or any form of sale of some or all of its assets. In the event of a merger, acquisition, or any form of sale of some or all of Symbl.ai assets, we will ensure that the acquiring organization agrees to protect personal information in accordance with the commitments we have made in this Privacy Notice, and that the acquiring organization will provide notice before personal information, customer information, or business information becomes subject to a different privacy notice.
- To any other third party only with your prior consent to do so. We do not sell your personal information to third parties.
Accessing and Updating your Personal Information
To review, access or update your personal information to review its accuracy, or request deletion please contact us at email@example.com.
We will make commercially reasonable efforts to provide you with reasonable access to any of your personal or other account information we maintain within forty-five (45) days of your request. We provide this access so you can review, make corrections, or request deletion of your information. If we cannot honor your request within the 45-day period, we will tell you when we will be able to provide access. In the unlikely event that we cannot provide you access to your information, we will explain why we cannot do so.
Please note that any changes you make will be reflected in our active user database within a reasonable time, however we may retain information you submit for backups, archiving, prevention of fraud, to satisfy legal obligations, or otherwise we reasonably believe there is a legitimate reason to do so.
If you have an account with us for access and use of our Services, we may occasionally send you an email to tell you about new features, solicit your feedback, or just keep you up to date with what’s going on with Symbl.ai and our Services. We primarily use our various product blogs to communicate this type of information, so we expect to keep this type of email to a minimum.
Third Party Services
Symbl.ai uses the google cloud platform and related services including but not limited to google speech to text to provide its services, store information, and host the services. In addition, we also use other common subprocessors like Sendgrid, Hotjar, Kissmetrics all of which help us deliver our services. Symbl.ai manages the transfer of such data by transferring personal information in encrypted formats and in accordance with our data processing agreement. Here is a copy of our form DPA to give you insight into our processes.
Privacy by Design
Privacy controls are considered while designing and implementing new or existing systems or processes, based on the technologies available, cost of implementation, scope, context and purposes of collecting, storing and processing Personal Data. Symbl.ai has implemented appropriate data-protection principles, technical and organizational measures such as data minimization, data encryption, etc. to ensure that Personal Data is secure.
Feedback & Support
If you send us a request (via a support email or one of our feedback channels), We reserve the right to publish it (stripped of all personally identifying information, of course) in order to help us clarify or respond to your request or to help us support other Users.
We may provide technical support to service your account(s) with us. In order to do so, we may use certain personally identifying information, with your consent, to access your account for the purpose of troubleshooting, running tests, and/or otherwise providing support. In providing technical support to you, we may potentially see other personally identifying information viewable on your account pages. As with all other information, we promise to hold any information we encounter in the process of providing support to the highest possible security and protection standards.
Security & Data Storage
To prevent unauthorized access, safeguard data accuracy, and maintain the appropriate use of information, we have put in place appropriate physical, technical, and administrative procedures to protect the personal information data you submit. We make every effort to ensure the integrity and security of our network and systems. However, since the Internet is not 100% secure and as new technology evolves and emerges, we cannot guarantee that our security measures will prevent third-party interferences from illegally obtaining or tampering with your personal information.
We encourage you to help us by also taking precautions to protect your personal data when you use the Services. Change your account password often, using a combination of letters, numbers, and characters, and make sure you use a secure connection.
We will only retain your personal information for as long as necessary to fulfill the purposes for which it was collected, or as necessary to comply with our business requirements and necessary laws; to comply with any legal, accounting or reporting obligations; to resolve disputes; to protect our assets; to efficiently run our business; and to enforce our agreements. To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we collect or process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements. A user may request access to certain data about themselves by emailing firstname.lastname@example.org.
Privacy of Minors
We do not promote or offer the Services for use by anyone under the age of 13 (“minors”). Symbl.ai does not knowingly solicit or collect personal information from minors, and we will not knowingly link to any third-party website or platform, or host any Customer Sites that solicit or collect personal information from minors. If you believe that a minor has disclosed personal information to us or that we have linked to such a third-party or User website or platform, please contact us at email@example.com.
California Consumer Privacy Rights
The California Consumer Privacy Act (“CCPA”) provides protections for residents of California with regard to personal information and applies to certain businesses that collect such information. Under CCPA, personal information generally means information that can identify, relate to, describe, be associated with, or be reasonably capable of being associated with a particular consumer, household, or device. Your rights with regard to personal information include:
Right to access personal information that we collect. This right includes access to the:
- categories of specific personal information we collect,
- categories of sources from which that information is collected
- business purpose for collection, and
- categories of third parties with which the information is shared, and response data (if applicable) in a portable format.
Right to the deletion of personal information that we, or our service providers, collect.
Right to non-discrimination when exercising your rights under the CCPA.
Exercising California Consumer Privacy Rights
The collection, use, storage, and processing of personal information is largely done as a service provider. Please direct all consumer privacy requests to the company who has used our services to process information about you. Notwithstanding the foregoing, and with regard to any information for which we are a business under CCPA, please contact us and we will provide a response within 45 days of receiving a verifiable request. We may extend this time by up to 90 days, but we will let you know of this during the initial 45 days. A verifiable request is one made by you or someone authorized to act on your behalf. We do not require that you have an account with us in order to make requests, however, if you do not have an account with us, we may ask additional information for the purpose of verifying the request.
After verification, we will respond with the information requested for the preceding 12-month period (you can make two such requests during a 12-month period). Our response will either be sent through your account with us, by mail, or electronically, at your option.
Additional information for International Users
General Data Protection Regulation (“GDPR”)
If you are a resident of the European Union (“EU”), United Kingdom, Lichtesnstein, Norway, or Iceland then you have certain data subject rights under the General Data Protection Regulation (“GDPR”), which include:
- The Right of Rectification. This includes the right to have inaccurate or incomplete information changed.
- The Right to Object. This includes the right to object to our processing of your personal information.
- The Right of Restriction. This includes the right to request that we restrict the processing of your personal information.
- The Right of Data Portability. This includes the right to be provided with a copy of your personal information.
- The Right to Withdraw Consent. This includes the right to withdraw your consent to our collection and use of your personal information.
Exercising Data Subject Rights
The collection, use, storage, and processing of personal information is largely done as a data processor. We are data processors who process information on behalf of a controller based on the controller’s instructions. We also use other data processors that are adhere to the same policy. Therefore, please direct all data subject requests to the company who has used Symbl.ai to collect and process information about you. Notwithstanding the foregoing, and with regard to any information for which we are a data controller, please contact us and we will respond within 30 days by either: (1) completing your request, (2) asking for further documentation in order to prove your identity and right to such information, or (3) a response detailing why your request cannot be completed.
If the ownership of Symbl.ai substantially changes, such that all of its assets are acquired, or merged into another entity, or in the unlikely event that Symbl.ai enters bankruptcy, you understand that any stored personally identifying, and non-personally identifying information and data will likely be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer or merging entity of Symbl.ai may continue to use your personal information as set forth in this policy.
Objections and Restrictions
At any time, you may object, on legitimate grounds, to the processing of Personal Data containing your information except as permitted by applicable law.
You may choose to restrict the collection or use of your personal information in the following ways:
- If you are asked to fill in a form on the website, look for the box that you can check to indicate you do not want your information to be used by the COMPANY or any third party for direct marketing purposes.
- If you have previously agreed to us using your information for direct marketing purposes, you may change your mind at any time by emailing us at symbol.ai.